﻿using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

public partial class _Default : System.Web.UI.Page 
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void btnInput_Click(object sender, EventArgs e)
    {
        //获取用户输入
        string UInput = tboxInput.Text;


        /* 改动1——检查输入合法 */
        Checker ck = new Checker(UInput,1);
        if (!ck.ck_Process())       //用户输入含非法字符
        {
            Response.Write("<label><font color=red>用户输入含非法字符，禁用！</font></label><br/>");
            return;
        }
    
      
            /* 测试GET方法
            int countGET = Request.QueryString.Count;
            string testGET = Request.QueryString[0];
            */

        
        //连接DB  string strConn_MSSQL = "server=WEWE-6FC33A6182\\SQLEXPRESS;database=dbUserInfo;uid=sa;password=.";
        string strConn_MSSQL = System.Configuration.ConfigurationManager.AppSettings["MSSQLConnectionString"].ToString();
        SqlConnection CONN = new SqlConnection(strConn_MSSQL);
  
         
        //构建SQL
        string strQUERY = "SELECT name FROM tbUserInfo WHERE id=" + UInput;
            
        //执行SQL
        SqlCommand QUERY = new SqlCommand(strQUERY,CONN);
        CONN.Open();


        /* 改动2——加入捕获异常机制 */
        try
        {
            SqlDataReader DReader = QUERY.ExecuteReader();

            //返回结果，关闭连接
            //1、有符合条件的结果
            if (DReader.HasRows == false)
            {
                Response.Write("<label><font color=red>！！无结果</font></label><br/>");
            }

            //2、没有符合条件的结果

            else
            {
                Response.Write("<label><font color=blue>：）有结果</font></label><br/>");

            }

            DReader.Close();
           
        }
        catch
        {
            Response.Write("<label><font color=red>用户输入不正确，请重新输入！</font></label><br/>");
        }
        finally 
        {
            CONN.Close(); //调用CLOSE方法，并不是实际关闭连接，而是将连接标为未用，放在连接池中，准备下一次复用

        }



                /*另一种方式设置调用SqlCommand类对象的方法
                 *  SqlCommand QUERY;
                 *  QUERY.Connection = CONN;
                 *  QUERY.CommandText = strQUERY;
                 *  QUERY.CommandType = CommandType.Text;
                 */ 
             
      
       

    }
}
